腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Browser ] Finally, a secure web browser for the enterprise: https://enterprise.google.com/chrome/chrome-browser/ (GPO policies are crucial for enterprise use).
"Google 推出企业版 chrome 浏览器: https://t.co/sbaX4M8K9Z 。"
-
[ Browser ] Understanding the Firefox fracas. @ iamwilliamwebb takes a look at the vuln and exploit: http://r-7.co/2ifd7vY
"Firefox 漏洞分析与利用,来自 Rapid7︰ https://t.co/PpsphozlVv"
-
[ Debug ] Yay, Microsoft made a JavaScript extension for Windbg before I've had a chance to kill myself with Python:… https://twitter.com/i/web/status/814411428257939456
"Microsoft JS Windbg 扩展: https://t.co/Jehk6kSWB3"
-
[ MalwareAnalysis ] Malware Obfuscation Techniques : Packing : http://security.di.unimi.it/sicurezza1314/slides/obfuscation-2014.pdf (Slides)
"恶意软件混淆技术之加壳(slides)︰ https://t.co/1C2TbxuhiU "
-
[ Mobile ] #Android #Security Bulletin by #Samsung http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2015
"Samsung Android Security 12月公告: http://security.samsungmobile.com/smrupdate.html"
-
[ Mobile ] Relive : A look into the Mobile Messaging Black Box : https://fahrplan.events.ccc.de/congress/2016/Fahrplan/system/event_attachments/attachments/000/003/121/original/slides.pdf (Slides) , Live-Stream : http://streaming.media.ccc.de/33c3/relive/8062 cc @ twillnix
"移动通讯软件的消息传递内幕分析︰ https://t.co/m8hp3MuKhE ,video︰ https://t.co/WYym0TgEaH "
-
[ Others ] Today we released Transform360, our next generation video encoding and transform techniques for 360 video and VR. https://t.co/vb3rVDj8uk
"Facebook 开源 Transform360 全景视频及 VR 技术: https://t.co/vb3rVDj8uk"
-
[ Tools ] New Maltego User Guide (up to 4.0.12). So much depth & detail we should have called it 'The Ultimate Maltego Book'. https://t.co/GFcxsUVkEI
"情报收集和取证工具 Maltego 用户指南 : https://t.co/GFcxsUVkEI"
-
Xuanwu Spider via seebug[ Browser ] How to bypass CSP nonces with DOM XSS (译): http://paper.seebug.org/166/
-
Xuanwu Spider via Youtube
[ iOS ] 33c3 会议上关于 iOS 设备降级的议题,会议视频: https://www.youtube.com/watch?v=m3NuW83m1to
-
Xuanwu Spider via Github
[ Windows ] DeviceGuard Bypass Mitigation Rules: https://github.com/mattifestation/DeviceGuardBypassMitigationRules
-
Xuanwu Spider via twitter
[ Others ] <insert x86 instruction here> 哪错了,侧信道攻击以及 Kernel ASLR 的绕过: https://twitter.com/dinosn/status/814473902298726401
-
Xuanwu Spider via twitter
[ Others ] <insert x86 instruction here> 哪错了,侧信道攻击以及 Kernel ASLR 的绕过(video): https://twitter.com/dinosn/status/814473902298726401
-
Xuanwu Spider via 上海交大 GoSSIP
[ Mobile ] 剑与盾——移动游戏安全攻防研究: http://securitygossip.com/blog/2016/12/29/2016-12-29/
-
Xuanwu Spider via ccc-tv
[ Attack ] PHP 7 反序列漏洞攻击,来自 33c3 会议视频: https://media.ccc.de/v/33c3-7858-exploiting_php7_unserialize
-
Xuanwu Spider via 呆子不开口
[ Others ] poc 链接的反分析,来自呆子不开口在 FreeBuf 会议的演讲,谈用风控的思路去保护我们的攻击链接: https://pan.baidu.com/s/1bpl9buZ
-
Xuanwu Spider via weibo
[ Android ] 罗升阳(老罗的 Android之旅)自己搭建了一个网站开始连载《Android系统源码情景分析》: http://0xcc0xcd.com/p/index.php
-
Xuanwu Spider via 网安国际
[ Others ] Hypnoguard: 保护待机状态下的内存数据: http://mp.weixin.qq.com/s/Jj-w6AsNeikT25VeYQiHjQ